Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• A British Airways
flight caught fire on the runway of McCarran International Airport in Las Vegas
September 8, leaving 13 people injured. – CNN

4. September
9, CNN – (Nevada) British Airways plane catches fire at Las Vegas
airport; 13 injured. A British Airways flight headed to London’s Gatwick
Airport caught fire on the runway of McCarran International Airport in Las
Vegas September 8, leaving 13 people injured when all 172 passengers and crew
members evacuated the plane. The Federal Aviation Administration reported that
the aircraft’s left engine caught fire before takeoff. Source: http://www.cnn.com/2015/09/08/us/las-vegas-british-airways-fire/

• Residents in Red
Springs, North Carolina, were issued a 72-hour boil advisory notice beginning
September 8 after 2.5 million gallons of stored water was lost due to a broken
water line. – WBTW 13 Florence

8. September
8, WBTW 13 Florence – (North Carolina) Car crash leads to boil water advisory in
Red Springs. Residents in Red Springs, North Carolina, were issued a
72-hour boil advisory notice beginning September 8 after a vehicle hit a fire
hydrant and ruptured a water line September 4. The break caused a 2.5 million
gallon water shortage and officials estimated that water service would be
restored after several hours. Source: http://wbtw.com/2015/09/08/car-crash-leads-to-dry-water-taps-in-red-springs/

• California State University
officials reported September 8 that the personal information of nearly 80,000
students enrolled in an online sexual violence prevention course was exposed by
hackers through a third-party vendor. – Los Angeles Times

13. September
8, Los Angeles Times – (California) Cal State data breach hits nearly 80,000
students. California State University officials reported September 8 that
the personal information, including login information, gender, race, sexual
identity, and campus-issued email addresses of nearly 80,000 students enrolled
in an online sexual violence prevention course through the third-party vendor,
We End Violence, was exposed by a vulnerability in the underlying code.
Authorities are investigating the breach which involved eight university
campuses. Source: http://www.latimes.com/local/lanow/la-me-ln-cal-state-data-breach-20150908-story.html

1. September
8, U.S. Securities and Exchange Commission – (International) SEC
charges video management company executives with accounting fraud. The U.S.
Securities and Exchange Commission charged two former executives at KIT Digital
September 8 with accounting fraud in connection to schemes in which the
executives allegedly manipulated the company’s books and misled investors,
including an off-the-books slush fund used to generate payments back to the
company while creating a false appearance that the company was being paid for
its products, among other deceptions. Source: http://www.sec.gov/news/pressrelease/2015-183.html

2. September
8, U.S. Securities and Exchange Commission – (National) SEC charges
three RMBS traders with defrauding investors. The U.S. Securities and
Exchange Commission charged three former Nomura Securities International
residential mortgage-backed securities (RMBS) traders September 8 with fraud,
alleging that the suspects misrepresented RMBS bids, offers, prices, and
spreads, generating at least $7 million in fraudulent revenue. The suspects
also allegedly invented phantom third-party sellers and fictional offers for
bonds that the company already owned.

15. September
9, Securityweek – (International) Adobe patches critical vulnerabilities in
Shockwave Player. Adobe released an update addressing two critical memory
corruption vulnerabilities in its Shockwave Player for Microsoft Windows
versions 12.1.9.160 and earlier that could allow an attacker to take control of
an affected system and execute malicious code. Source: http://www.securityweek.com/adobe-patches-critical-vulnerabilities-shockwave-player

16. September
9, Securityweek – (International) ICS flaw disclosures at high levels since
Stuxnet attack: Report. Findings from a report published by Recorded Future
revealed a dramatic increase in disclosed industrial control system (ICS)
vulnerabilities since a 2011 Stuxnet attack targeting Iran’s nuclear
facilities, including almost 50 new vulnerabilities discovered in 2015 through
mid-July. Source: http://www.securityweek.com/ics-flaw-disclosures-high-levels-stuxnet-attack-report

17. September
8, Securityweek – (International) NETGEAR patches vulnerability in Wireless
Management System. NETGEAR released a firmware update addressing a
vulnerability in its WMS5316 ProSafe 16AP Wireless Management System running
version 2.1.4.15 (Build 1236) in which an attacker could gain unauthorized
access and privilege escalation by including a specific symbol in the password
value for the system’s login. Source: http://www.securityweek.com/netgear-patches-vulnerability-wireless-management-system

19. September
8, SC Magazine – (International) Verified Play Store apps found to be
spreading MKero malware. Security researchers from Bitdefender discovered
malware dubbed MKero present in at least seven Google Play Store apps that uses
a CAPTCHA translation service that evades detection to automatically sign users
up for a premium short message service (SMS). Source: http://www.scmagazine.com/bitdefender-details-new-android-malware/article/437384/

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"